using profile that assume role in aws-sdk (AWS JavaScript SDK)

Anders Lundsgard picture Anders Lundsgard · Aug 31, 2017 · Viewed 23.3k times · Source

Using the AWS SDK for JavaScript, I want to use a default profile that assumes the a role. This works perfectly with the AWS CLI. Using node.js with the SDK does not assume the role, but only uses credentials to the AWS account that the access key belongs to. I've found this documentation but it does not deal with assuming a role: http://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/loading-node-credentials-shared.html

Any tips?

This is my config file:

[default]
role_arn = arn:aws:iam::123456789:role/Developer
source_profile = default
output = json
region = us-east-1

Answer

Kanak Singhal picture Kanak Singhal · Sep 6, 2018

Found the correct way to do it! Check out this PR: https://github.com/aws/aws-sdk-js/pull/1391

Just had to add AWS_SDK_LOAD_CONFIG="true" to the environment variable along with AWS_PROFILE="assume-role-profile"

So it doesn’t require any code update 😅

This is because, the SDK only loads credentials file by default, not the config file, but since AWS role_arn is stored in the config file, we must enable loading the config file as well.